wachaimandates
Pass. Audited by ClawScan on May 10, 2026.
Overview
The skill’s documented behavior matches its stated purpose, but it involves installing a Node CLI, managing a signing wallet, and exchanging signed agreements that users should review carefully before use.
This appears to be a coherent instruction-only skill for a mandate-signing CLI. Before installing, verify the npm package and repository. Use a dedicated wallet, protect the wallet file, inspect every mandate JSON carefully, and require explicit approval before signing or sending acceptance, especially for mandates involving payments, swaps, services, or reputation.
Findings (5)
Artifact-based informational review of SKILL.md, metadata, install specs, static scan signals, and capability signals. ClawScan does not execute the skill or run runtime probes.
Installing the package lets executable code fetched from npm run locally with the user's privileges.
The skill relies on a globally installed npm CLI package, but the provided artifact set contains only SKILL.md and no package source or lockfile for review.
`npm install -g @quillai-network/wachai`
Install only from a trusted source, verify the npm package and repository, and consider using an isolated environment for testing.
Anyone with access to the wallet file or private key may be able to sign mandates as that identity.
The skill uses a local wallet or private key to sign mandates. This is expected for cryptographic signing, but private keys are sensitive authority.
Defaults: - wallet file: `~/.wachai/wallet.json` ... Legacy (deprecated): - `WACHAI_PRIVATE_KEY` still works
Use a dedicated low-risk wallet for this workflow, protect ~/.wachai/wallet.json, and avoid using a main financial wallet or broadly reused private key.
A signed mandate could be interpreted by another agent or counterparty as accepted terms for work, payments, swaps, or services.
Signing a mandate is explicitly described as acceptance and may create a durable agreement record. This is central to the skill’s purpose, but it is a high-impact action that should not be performed casually.
A mandate is only **approved** once it has **both signatures** ... Client signs second (acceptance) ... `wachai sign <mandate-id>`
Inspect the mandate JSON, confirm the counterparty, intent, and body fields, and get explicit user approval before signing or sending acceptance.
An incoming mandate could be saved locally and later selected for signing if the user or agent does not verify it carefully.
The skill receives agent-to-agent messages over XMTP and persists embedded mandates locally. This is expected for mandate exchange, but incoming content should be treated as untrusted until reviewed.
`wachai xmtp receive --env production` ... listens for incoming XMTP messages ... saves the embedded mandate to local storage
Verify sender identity and mandate contents before signing, and avoid automatically accepting mandates received from unknown counterparties.
A long-running receiver may continue storing incoming mandate messages while it is open.
The documented receiver can run continuously to listen for incoming messages. This persistence is disclosed and purpose-aligned, not hidden.
keep one terminal open running `wachai xmtp receive` (inbox)
Run the receiver only when needed, use `--once` for one-time processing, and monitor the local storage directory.
